Esempio n. 1
0
  /**
   * Send a response
   *
   * @param holder
   * @throws GeneralSecurityException
   * @throws IOException
   */
  public void send(WebRequestUtilHolder holder) throws GeneralSecurityException, IOException {
    Document responseDoc = holder.getResponseDoc();

    if (responseDoc == null) throw logger.nullValueError("responseType");

    String destination = holder.getDestination();
    String relayState = holder.getRelayState();
    boolean supportSignature = holder.isSupportSignature();
    boolean sendRequest = holder.isAreWeSendingRequest();
    HttpServletResponse response = holder.getServletResponse();
    boolean isErrorResponse = holder.isErrorResponse();

    if (holder.isPostBindingRequested() == false && !holder.isStrictPostBinding()) {
      String finalDest = null;

      // This is the case with whole queryString including signature already generated by
      // SAML2SignatureGenerationHandler
      if (holder.getDestinationQueryStringWithSignature() != null) {
        finalDest = destination + "?" + holder.getDestinationQueryStringWithSignature();
      }
      // This is the case without signature
      else {
        byte[] responseBytes = DocumentUtil.getDocumentAsString(responseDoc).getBytes("UTF-8");

        String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(responseBytes);

        if (isNotNull(relayState)) relayState = RedirectBindingUtil.urlEncode(relayState);

        finalDest =
            destination
                + getDestination(
                    urlEncodedResponse, relayState, supportSignature, sendRequest, isErrorResponse);
      }

      logger.trace("Destination = " + finalDest);
      HTTPRedirectUtil.sendRedirectForResponder(finalDest, response);
    } else {
      if (logger.isTraceEnabled()) {
        logger.trace("SAML Response Document: " + DocumentUtil.asString(responseDoc));
      }

      byte[] responseBytes = DocumentUtil.getDocumentAsString(responseDoc).getBytes("UTF-8");

      String samlResponse = PostBindingUtil.base64Encode(new String(responseBytes));

      PostBindingUtil.sendPost(
          new DestinationInfoHolder(destination, samlResponse, relayState), response, sendRequest);
    }
  }
Esempio n. 2
0
  protected void sendHttpPostBindingRequest(
      String destination,
      Document samlDocument,
      String relayState,
      HttpServletResponse response,
      boolean willSendRequest)
      throws ProcessingException, IOException, ConfigurationException {
    String samlMessage =
        PostBindingUtil.base64Encode(DocumentUtil.getDocumentAsString(samlDocument));

    DestinationInfoHolder destinationHolder =
        new DestinationInfoHolder(destination, samlMessage, relayState);

    PostBindingUtil.sendPost(destinationHolder, response, willSendRequest);
  }
Esempio n. 3
0
  protected void sendToDestination(
      Document samlDocument,
      String relayState,
      String destination,
      HttpServletResponse response,
      boolean request)
      throws IOException, SAXException, GeneralSecurityException {
    if (!ignoreSignatures) {
      SAML2Signature samlSignature = new SAML2Signature();

      Node nextSibling = samlSignature.getNextSiblingOfIssuer(samlDocument);
      if (nextSibling != null) {
        samlSignature.setNextSibling(nextSibling);
      }
      KeyPair keypair = keyManager.getSigningKeyPair();
      samlSignature.signSAMLDocument(samlDocument, keypair);
    }
    String samlMessage =
        PostBindingUtil.base64Encode(DocumentUtil.getDocumentAsString(samlDocument));
    PostBindingUtil.sendPost(
        new DestinationInfoHolder(destination, samlMessage, relayState), response, request);
  }